Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Nested Virtualization: Hyper-V Server

Featured Replies

Hello Everyone,

I'm trying to install a Hyper-V Server VM which should host other VMs.

My Hyper-V Server is working (network access), but underlying VMs aren't.

I saw that for a nested Hyper-V you should enable MAC Address Spoofing for the VMs, but unfortunately isn't working.


To be noticed that the Hyper-V VM is using a custom network which is on a VLAN, and I'm using MACVLAN (because I need that my Docker have a fixed reacheable IP Address).

 

Any advice or help is gladly welcome 🙂

Thanks in advance.

  • Community Expert
19 minutes ago, TDA said:

Hello Everyone,

I'm trying to install a Hyper-V Server VM which should host other VMs.

My Hyper-V Server is working (network access), but underlying VMs aren't.

I saw that for a nested Hyper-V you should enable MAC Address Spoofing for the VMs, but unfortunately isn't working.


To be noticed that the Hyper-V VM is using a custom network which is on a VLAN, and I'm using MACVLAN (because I need that my Docker have a fixed reacheable IP Address).

 

Any advice or help is gladly welcome 🙂

Thanks in advance.

What is there network config in the XML? I have a 2019 server working but I am on a bridge network.

  • Author
16 minutes ago, SimonF said:

What is there network config in the XML? I have a 2019 server working but I am on a bridge network.

Hello, 

The XML is as following:
 

<?xml version='1.0' encoding='UTF-8'?>
<domain type='kvm'>
  <name>SCCM Workbench</name>
  <uuid>671cce78-fe00-8f39-b3f1-f93f0b97614c</uuid>
  <description>Windows Server 2025 HyperV</description>
  <metadata>
    <vmtemplate xmlns="unraid" name="Windows 11" icon="windows11.png" os="windowstpm" webui="" storage="default" iconold="windows11.png"/>
  </metadata>
  <memory unit='KiB'>33554432</memory>
  <currentMemory unit='KiB'>33554432</currentMemory>
  <memoryBacking>
    <nosharepages/>
  </memoryBacking>
  <vcpu placement='static'>8</vcpu>
  <cputune>
    <vcpupin vcpu='0' cpuset='1'/>
    <vcpupin vcpu='1' cpuset='17'/>
    <vcpupin vcpu='2' cpuset='3'/>
    <vcpupin vcpu='3' cpuset='19'/>
    <vcpupin vcpu='4' cpuset='5'/>
    <vcpupin vcpu='5' cpuset='21'/>
    <vcpupin vcpu='6' cpuset='7'/>
    <vcpupin vcpu='7' cpuset='23'/>
  </cputune>
  <os>
    <type arch='x86_64' machine='pc-i440fx-9.2'>hvm</type>
    <loader readonly='yes' type='pflash' format='raw'>/usr/share/qemu/ovmf-x64/OVMF_CODE-pure-efi-tpm.fd</loader>
    <nvram format='raw'>/etc/libvirt/qemu/nvram/671cce78-fe00-8f39-b3f1-f93f0b97614c_VARS-pure-efi-tpm.fd</nvram>
    <boot dev='hd'/>
  </os>
  <features>
    <acpi/>
    <apic/>
    <hyperv mode='custom'>
      <relaxed state='on'/>
      <vapic state='on'/>
      <spinlocks state='on' retries='8191'/>
      <vpindex state='on'/>
      <synic state='on'/>
      <stimer state='on'/>
      <vendor_id state='on' value='none'/>
    </hyperv>
  </features>
  <cpu mode='host-passthrough' check='none' migratable='on'>
    <topology sockets='1' dies='1' clusters='1' cores='4' threads='2'/>
    <cache mode='passthrough'/>
  </cpu>
  <clock offset='localtime'>
    <timer name='hpet' present='no'/>
    <timer name='hypervclock' present='yes'/>
  </clock>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>restart</on_reboot>
  <on_crash>restart</on_crash>
  <devices>
    <emulator>/usr/local/sbin/qemu</emulator>
    <controller type='pci' index='0' model='pci-root'/>
    <controller type='virtio-serial' index='0'>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
    </controller>
    <controller type='usb' index='0' model='ich9-ehci1'>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x7'/>
    </controller>
    <controller type='usb' index='0' model='ich9-uhci1'>
      <master startport='0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0' multifunction='on'/>
    </controller>
    <controller type='usb' index='0' model='ich9-uhci2'>
      <master startport='2'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x1'/>
    </controller>
    <controller type='usb' index='0' model='ich9-uhci3'>
      <master startport='4'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x2'/>
    </controller>
    <interface type='direct' trustGuestRxFilters='yes'>
      <mac address='52:54:00:02:4a:ee'/>
      <source dev='bond0.10' mode='bridge'/>
      <model type='virtio-net'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
    </interface>
    <serial type='pty'>
      <target type='isa-serial' port='0'>
        <model name='isa-serial'/>
      </target>
    </serial>
    <console type='pty'>
      <target type='serial' port='0'/>
    </console>
    <channel type='unix'>
      <target type='virtio' name='org.qemu.guest_agent.0'/>
      <address type='virtio-serial' controller='0' bus='0' port='1'/>
    </channel>
    <input type='tablet' bus='usb'>
      <address type='usb' bus='0' port='1'/>
    </input>
    <input type='mouse' bus='ps2'/>
    <input type='keyboard' bus='ps2'/>
    <tpm model='tpm-tis'>
      <backend type='emulator' version='2.0' persistent_state='yes'/>
    </tpm>
    <graphics type='vnc' port='-1' autoport='yes' websocket='-1' listen='0.0.0.0' keymap='fr-ch' sharePolicy='ignore'>
      <listen type='address' address='0.0.0.0'/>
    </graphics>
    <audio id='1' type='none'/>
    <video>
      <model type='qxl' ram='65536' vram='16384' vgamem='16384' heads='1' primary='yes'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x1e' function='0x0'/>
    </video>
    <hostdev mode='subsystem' type='pci' managed='yes'>
      <driver name='vfio'/>
      <source>
        <address domain='0x0000' bus='0x04' slot='0x00' function='0x0'/>
      </source>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
    </hostdev>
    <memballoon model='none'/>
  </devices>
</domain>

 

I don't know if the problem could be related to the "custom network" and that it's on MACVLAN.

 

  • Community Expert
9 minutes ago, TDA said:

Hello, 

The XML is as following:
 

<?xml version='1.0' encoding='UTF-8'?>
<domain type='kvm'>
  <name>SCCM Workbench</name>
  <uuid>671cce78-fe00-8f39-b3f1-f93f0b97614c</uuid>
  <description>Windows Server 2025 HyperV</description>
  <metadata>
    <vmtemplate xmlns="unraid" name="Windows 11" icon="windows11.png" os="windowstpm" webui="" storage="default" iconold="windows11.png"/>
  </metadata>
  <memory unit='KiB'>33554432</memory>
  <currentMemory unit='KiB'>33554432</currentMemory>
  <memoryBacking>
    <nosharepages/>
  </memoryBacking>
  <vcpu placement='static'>8</vcpu>
  <cputune>
    <vcpupin vcpu='0' cpuset='1'/>
    <vcpupin vcpu='1' cpuset='17'/>
    <vcpupin vcpu='2' cpuset='3'/>
    <vcpupin vcpu='3' cpuset='19'/>
    <vcpupin vcpu='4' cpuset='5'/>
    <vcpupin vcpu='5' cpuset='21'/>
    <vcpupin vcpu='6' cpuset='7'/>
    <vcpupin vcpu='7' cpuset='23'/>
  </cputune>
  <os>
    <type arch='x86_64' machine='pc-i440fx-9.2'>hvm</type>
    <loader readonly='yes' type='pflash' format='raw'>/usr/share/qemu/ovmf-x64/OVMF_CODE-pure-efi-tpm.fd</loader>
    <nvram format='raw'>/etc/libvirt/qemu/nvram/671cce78-fe00-8f39-b3f1-f93f0b97614c_VARS-pure-efi-tpm.fd</nvram>
    <boot dev='hd'/>
  </os>
  <features>
    <acpi/>
    <apic/>
    <hyperv mode='custom'>
      <relaxed state='on'/>
      <vapic state='on'/>
      <spinlocks state='on' retries='8191'/>
      <vpindex state='on'/>
      <synic state='on'/>
      <stimer state='on'/>
      <vendor_id state='on' value='none'/>
    </hyperv>
  </features>
  <cpu mode='host-passthrough' check='none' migratable='on'>
    <topology sockets='1' dies='1' clusters='1' cores='4' threads='2'/>
    <cache mode='passthrough'/>
  </cpu>
  <clock offset='localtime'>
    <timer name='hpet' present='no'/>
    <timer name='hypervclock' present='yes'/>
  </clock>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>restart</on_reboot>
  <on_crash>restart</on_crash>
  <devices>
    <emulator>/usr/local/sbin/qemu</emulator>
    <controller type='pci' index='0' model='pci-root'/>
    <controller type='virtio-serial' index='0'>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
    </controller>
    <controller type='usb' index='0' model='ich9-ehci1'>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x7'/>
    </controller>
    <controller type='usb' index='0' model='ich9-uhci1'>
      <master startport='0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0' multifunction='on'/>
    </controller>
    <controller type='usb' index='0' model='ich9-uhci2'>
      <master startport='2'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x1'/>
    </controller>
    <controller type='usb' index='0' model='ich9-uhci3'>
      <master startport='4'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x2'/>
    </controller>
    <interface type='direct' trustGuestRxFilters='yes'>
      <mac address='52:54:00:02:4a:ee'/>
      <source dev='bond0.10' mode='bridge'/>
      <model type='virtio-net'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
    </interface>
    <serial type='pty'>
      <target type='isa-serial' port='0'>
        <model name='isa-serial'/>
      </target>
    </serial>
    <console type='pty'>
      <target type='serial' port='0'/>
    </console>
    <channel type='unix'>
      <target type='virtio' name='org.qemu.guest_agent.0'/>
      <address type='virtio-serial' controller='0' bus='0' port='1'/>
    </channel>
    <input type='tablet' bus='usb'>
      <address type='usb' bus='0' port='1'/>
    </input>
    <input type='mouse' bus='ps2'/>
    <input type='keyboard' bus='ps2'/>
    <tpm model='tpm-tis'>
      <backend type='emulator' version='2.0' persistent_state='yes'/>
    </tpm>
    <graphics type='vnc' port='-1' autoport='yes' websocket='-1' listen='0.0.0.0' keymap='fr-ch' sharePolicy='ignore'>
      <listen type='address' address='0.0.0.0'/>
    </graphics>
    <audio id='1' type='none'/>
    <video>
      <model type='qxl' ram='65536' vram='16384' vgamem='16384' heads='1' primary='yes'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x1e' function='0x0'/>
    </video>
    <hostdev mode='subsystem' type='pci' managed='yes'>
      <driver name='vfio'/>
      <source>
        <address domain='0x0000' bus='0x04' slot='0x00' function='0x0'/>
      </source>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
    </hostdev>
    <memballoon model='none'/>
  </devices>
</domain>

 

I don't know if the problem could be related to the "custom network" and that it's on MACVLAN.

 

Do you have an option to use vhost.10 in your VM config? Please post diagnostics.

  • Author
7 minutes ago, SimonF said:

Do you have an option to use vhost.10 in your VM config? Please post diagnostics.

Sorry I don't understand what exactly you want to know.

The HyperVisor itself is on the VLAN (before setting a fixed IP it was using a DHCP lease), so all VM inside it should already be on the VLAN 10 - and it's able to communicate with the DHCP/Router of the VLAN.
So theoretically also it's VMs should be able to do it - but they don't (even though MAC Spoofing, which seems to be necessary according to MS).

 

sekiro-diagnostics-20250512-2227.zip

Edited by TDA
Added Diagnostics

  • Community Expert
12 minutes ago, TDA said:

Sorry I don't understand what exactly you want to know.

The HyperVisor itself is on the VLAN (before setting a fixed IP it was using a DHCP lease), so all VM inside it should already be on the VLAN 10 - and it's able to communicate with the DHCP/Router of the VLAN.
So theoretically also it's VMs should be able to do it - but they don't (even though MAC Spoofing, which seems to be necessary according to MS).

 

sekiro-diagnostics-20250512-2227.zip 238.47 kB · 0 downloads

When using macvlan the interface type is normally vhost rather than a bridge.

 

This is my XML.

 

    <interface type='bridge'>
      <mac address='52:54:00:d5:b6:c5'/>
      <source bridge='br0'/>
      <target dev='vnet0'/>
      <model type='virtio-net'/>
      <alias name='net0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
    </interface>

 

And vswitch.

 

 

image.png

  • Community Expert
21 minutes ago, TDA said:

Sorry I don't understand what exactly you want to know.

The HyperVisor itself is on the VLAN (before setting a fixed IP it was using a DHCP lease), so all VM inside it should already be on the VLAN 10 - and it's able to communicate with the DHCP/Router of the VLAN.
So theoretically also it's VMs should be able to do it - but they don't (even though MAC Spoofing, which seems to be necessary according to MS).

 

sekiro-diagnostics-20250512-2227.zip 238.47 kB · 1 download

Try setting network to vhost0.10 in for the network in the vm template for the network source. You should have vhost0.10 as an option.

 

image.png

  • Author
26 minutes ago, SimonF said:

Try setting network to vhost0.10 in for the network in the vm template for the network source. You should have vhost0.10 as an option.

 

image.png

Hello0,
I'm having something like you (it's called bond because in the beginning it was a bounded network)

image.png.fc1f7897a189b6b0c6a24e75b9a2b3a2.pngimage.png.9eb8f034507ec061a6d347d9035661c6.png

 

Under docker it's indeed MACVLAN:
image.thumb.png.9d72e3c1bfc99b547c03bf4848e17bce.png

With bridging disabled Unraid uses macvtap interface for VMs (in this case bond0.10). This is correctly configured.

 

For nested VMs it is advised to let the host VM pass the interface as a 'regular' interface (pass thru) to them.

 

  • Author
On 5/15/2025 at 7:37 PM, bonienl said:

With bridging disabled Unraid uses macvtap interface for VMs (in this case bond0.10). This is correctly configured.

 

For nested VMs it is advised to let the host VM pass the interface as a 'regular' interface (pass thru) to them.

 

Hello,

I had to made a modification to the Network configuration for the server since I noticed that Active-Backup was actually missing the 2nd Ethernet card.

image.thumb.png.04feaf56e8030f1f4c5f922eb3bd99f5.png

 

So I added the missing one in the bond, and also enabled BRIDGING.

Under Docker I still see MACVLAN:
image.thumb.png.7966fba69e04d665158bd5b09b8da18e.png

 

Is this still a "correct" configuration?

Also you with "pass trough",  you mean that I should attach the "physical" network, and then INSIDE the VM configuring the VLAN Tag?

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.